Goals of Information Security

- Confidentiality: prevents unauthorized use or disclosure of information
- Integrity: safeguards the accuracy and completeness of information
- Availability: authorized users have reliable and timely access to information

Why Security?

- The Internet was initially designed for connectivity
  - Trust assumed
  - We do more with the Internet nowadays
  - Security protocols are added on top of TCP/IP
- Fundamental aspects of information must be protected
  - Confidential data
  - Employee information
  - Business models
  - Protect identity and resources
- We can't keep ourselves isolated from the Internet
  - Most business communications are done online
  - We provide online services
  - We get services from third-party organizations online

Common Types of Attack

- Ping sweeps and port scans: reconnaissance
- Sniffing: captures packets as they travel through the network
- Man-in-the-middle attack: intercepts messages that are intended for a valid device
- Spoofing: sets up a fake device and tricks others into sending messages to it
- Hijacking: takes control of a session
- Denial of Service (DoS) and Dynamic DoS (DDoS)

Trusted Network

- Standard defensive-oriented technologies
  - Firewall: first line of defense
  - Intrusion Detection
- Build TRUST on top of the TCP/IP infrastructure
  - Strong authentication
  - Two-factor authentication: something you have + something you know
  - Public Key Infrastructure (PKI)

Access Control

- Access control: the ability to permit or deny the use of an object by a subject.
- It provides 3 essential services (known as AAA):
  - Authentication (who can log in)
  - Authorization (what authorized users can do)
  - Accountability (identifies what a user did)

Cryptography

- Has evolved into a complex science in the field of information security
- Encryption: process of transforming plaintext to ciphertext using a cryptographic key
- Symmetric key cryptography: uses a single key to both encrypt and decrypt information. Also known as private key.
  - Includes DES, 3DES, AES, IDEA, RC5
- Asymmetric key cryptography: separate keys for encryption and decryption (public and private key pairs)
  - Includes RSA, Diffie-Hellman, El Gamal
